Encryption systems may use fragmented encryption keys. A first portion of the encryption key may be referred to as a master encryption secret known only by the database system. A second portion of the encryption key may be associated with different users. The encryption system uses the encryption key formed by the two encryption secrets to encrypt data for an associated user. The encrypted data is then stored in a database. The encryption system uses the encryption key to then decrypt the stored data prior to sending the data to the user.